Herramientas

adidnsdump

• https://github.com/dirkjanm/adidnsdump

ASREPRoast

• https://github.com/HarmJ0y/ASREPRoast

Import-Module .\ASREPRoast.ps1

BloodHound

• https://github.com/BloodHoundAD/BloodHound

Ingestor/collector

• BloodHound.py (Linux/Unix)

  • https://github.com/fox-it/BloodHound.py

• SharpHound (Windows)

  • Ejecutable (.exe): https://github.com/BloodHoundAD/SharpHound

  • PowerShell: SharpHound.ps1

CrackMapExec

• https://github.com/Porchetta-Industries/CrackMapExec

DomainPasswordSpray

• https://github.com/dafthack/DomainPasswordSpray

Evil-WinRM

• https://github.com/Hackplayers/evil-winrm

Hashcat

• https://hashcat.net/

HFS (HTTP File Server)

• https://www.rejetto.com/hfs/

Inveigh

• https://github.com/Kevin-Robertson/Inveigh

Impacket

• https://github.com/SecureAuthCorp/impacket

Kerbrute

• https://github.com/ropnop/kerbrute

LDAPDomainDump

• https://github.com/dirkjanm/ldapdomaindump

ldapsearch

• https://linux.die.net/man/1/ldapsearch

Mimikatz

• https://github.com/ParrotSec/mimikatz

Invoke-Mimikatz

• https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Invoke-Mimikatz.ps1

Módulo ActiveDirectory PowerShell

Importar módulo.

Importar módulo desde DLL.

• https://github.com/samratashok/ADModule

Powercat

• https://github.com/besimorhino/powercat

PowerUp

• https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1

PowerUpSQL

• https://github.com/NetSPI/PowerUpSQL

PowerView

• https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon

Responder

• https://github.com/lgandx/Responder

Rubeus

• https://github.com/GhostPack/Rubeus

SharpView

• https://github.com/tevora-threat/SharpView

Snaffler

• https://github.com/SnaffCon/Snaffler

WADComs

• https://wadcoms.github.io

windapsearch

• https://github.com/ropnop/windapsearch